﻿<!DOCTYPE html>

<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="utf-8" />
    <title></title>
</head>
<body>
    <h1>Welcome to the OneLogin Sample</h1>
    <h2>Acknowledgments</h2>
    <p>This sample relies heavily on sample code provided by OneLogin.</p>

    <h2>Purpose</h2>
    <p>The purpose of this sample is to demonstrate how SAML authentication can be added to a ServiceAPI application such as WebDrawer or the Web Client.  Given that HPRM does not yet have an App on the OneLogin portal the purpose of this sample is not to support production use of OneLogin.</p>

    <h2>Pre-Requisites</h2>
    <p>To use this you must have configured a SAML Test Connector with OneLogin.</p>

    <h2>Using the sample</h2>
    <p>To use this sample:</p>
    <ol>
        <li>Create a OneLogin account, configure a SAML Test Connector and add some users.</li>
        <li>
            Add the appSettings found in sample.web.config to your web.config
            <ul>
                <li>saml.consumer.service.url contains the value from 'Recipient' in the SAML Test Connector</li>
                <li>saml.certificate contains the X.509 certificate found in the SAML Test Connector SSO tab</li>
                <li>saml.idp.sso.target.url is the SAML 2.0 Endpoint found in the SSO tab in the SAML Test Connector</li>
            </ul>
        </li>
        <li>Set the Authentication in the IIS Web Site to Anonymous.</li>
        <li>Build the OneLoginPlugin project</li>
        <li>Copy OneLoginPlugin.DLL to the bin folder of the Web Client</li>
        <li>edit hptrim.config (or hprmServiceAPI.config for the Web Client) and add the plugin (see example below.)</li>
    </ol>


    <h2>Sample Plugin in hptrim.config</h2>
<pre>&lt;pluginassemblies>
    &lt;add name="OneLoginPlugin" />
&lt;/pluginassemblies></pre>

    <h2>Sample SAML Test Connector Configuration</h2>
    <p>The SAML Test Connector Configuration will contain values similar to these:</p>
    <table>
        <thead>
            <tr>
                <th>Property</th>
                <th>Value</th>
            </tr>
        </thead>
        <tbody>
            <tr>
                <td>Relay State</td>
                <td>https://mydomain.info/HPRMWebDrawer</td>
            </tr>
            <tr>
                <td>Recipient</td>
                <td>https://mydomain.info/HPRMWebDrawer</td>
            </tr>
            <tr>
                <td>ACS URL Validator</td>
                <td>A regular expression to ensure that only your assertion consumer URL is accepted.  (the RegEx .* will accept any URL).</td>
            </tr>
            <tr>
                <td>ACS URL</td>
                <td>https://mydomain.info/HPRMWebDrawer/auth/saml</td>
            </tr>
            <tr>
                <td>Single Logout URL</td>
                <td>https://mydomain.info/HPRMWebDrawer/SAMLLogout</td>
            </tr>
        </tbody>
    </table>
</body>
</html>